Critical RCE Flaw in Fortigate SSL-VPN Devices
Summary
X-Force is monitoring reports of a series of firmware updates published to address a critical pre-authentication remote code execution vulnerability (CVE-2023-27997) in Fortinet’s SSL VPNs.
Threat Type
Vulnerability
Overview
Update 02- 07/03/2023
According to a recent article from Bleeping Computer, while a fix has been made available since June 11, 2023, over 300 thousand internet facing FortiGate appliances are still vulnerable to this flaw. Fortinet released fixes for this vulnerability before d